Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

Hot Vendors
Note! The CISSP-ISSEP Exam is no longer available.

CISSP-ISSEP ISSEP Information Systems Security Engineering Professional Questions and Answers

Questions 4

Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production Each correct answer represents a part of the solution. Choose all that apply.

Options:

A.

Office of Management and Budget (OMB)

B.

NIST

C.

FISMA

D.

FIPS

Buy Now
Questions 5

Which of the following refers to a process that is used for implementing information security

Options:

A.

Classic information security model

B.

Certification and Accreditation (C&A)

C.

Information Assurance (IA)

D.

Five Pillars model

Buy Now
Questions 6

Which of the following persons in an organization is responsible for rejecting or accepting the residual risk for a system

Options:

A.

System Owner

B.

Information Systems Security Officer (ISSO)

C.

Designated Approving Authority (DAA)

D.

Chief Information Security Officer (CISO)

Buy Now
Questions 7

You work as a security engineer for BlueWell Inc. According to you, which of the following statements determines the main focus of the ISSE process

Options:

A.

Design information systems that will meet the certification and accreditation documentation.

B.

Identify the information protection needs.

C.

Ensure information systems are designed and developed with functional relevance.

D.

Instruct systems engineers on availability, integrity, and confidentiality.

Buy Now
Questions 8

Which of the following federal laws establishes roles and responsibilities for information security, risk management, testing, and training, and authorizes NIST and NSA to provide guidance for security planning and implementation

Options:

A.

Computer Fraud and Abuse Act

B.

Government Information Security Reform Act (GISRA)

C.

Federal Information Security Management Act (FISMA)

D.

Computer Security Act

Buy Now
Questions 9

Which of the following phases of the ISSE model is used to determine why the system needs to be built and what information needs to be protected

Options:

A.

Develop detailed security design

B.

Define system security requirements

C.

Discover information protection needs

D.

Define system security architecture

Buy Now
Questions 10

Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.

Options:

A.

Risk management plan

B.

Project charter

C.

Quality management plan

D.

Risk register

Buy Now
Questions 11

In which of the following DIACAP phases is residual risk analyzed

Options:

A.

Phase 2

B.

Phase 3

C.

Phase 5

D.

Phase 1

E.

Phase 4

Buy Now
Questions 12

Which of the following Registration Tasks sets up the system architecture description, and describes the C&A boundary

Options:

A.

Registration Task 3

B.

Registration Task 4

C.

Registration Task 2

D.

Registration Task 1

Buy Now
Questions 13

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting classified information

Options:

A.

Type III cryptography

B.

Type III (E) cryptography

C.

Type II cryptography

D.

Type I cryptography

Buy Now
Questions 14

Which of the following NIST Special Publication documents provides a guideline on questionnaires and checklists through which systems can be evaluated for compliance against specific control objectives

Options:

A.

NIST SP 800-53A

B.

NIST SP 800-37

C.

NIST SP 800-53

D.

NIST SP 800-26

E.

NIST SP 800-59

F.

NIST SP 800-60

Buy Now
Questions 15

The principle of the SEMP is not to repeat the information, but rather to ensure that there are processes in place to conduct those functions. Which of the following sections of the SEMP template describes the work authorization procedures as well as change management approval processes

Options:

A.

Section 3.1.8

B.

Section 3.1.9

C.

Section 3.1.5

D.

Section 3.1.7

Buy Now
Questions 16

Diane is the project manager of the HGF Project. A risk that has been identified and analyzed in the project planning processes is now coming into fruition. What individual should respond to the risk with the preplanned risk response

Options:

A.

Project sponsor

B.

Risk owner

C.

Diane

D.

Subject matter expert

Buy Now
Questions 17

Which of the following acts promote a risk-based policy for cost effective security Each correct answer represents a part of the solution. Choose all that apply.

Options:

A.

Clinger-Cohen Act

B.

Lanham Act

C.

Paperwork Reduction Act (PRA)

D.

Computer Misuse Act

Buy Now
Questions 18

Which of the following individuals is responsible for monitoring the information system environment for factors that can negatively impact the security of the system and its accreditation

Options:

A.

Chief Information Officer

B.

Chief Information Security Officer

C.

Chief Risk Officer

D.

Information System Owner

Buy Now
Questions 19

Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment

Options:

A.

Phase 4

B.

Phase 2

C.

Phase 1

D.

Phase 3

Buy Now
Questions 20

Which of the following agencies is responsible for funding the development of many technologies such as computer networking, as well as NLS

Options:

A.

DARPA

B.

DTIC

C.

DISA

D.

DIAP

Buy Now
Questions 21

The Chief Information Officer (CIO), or Information Technology (IT) director, is a job title commonly given to the most senior executive in an enterprise. What are the responsibilities of a Chief Information Officer Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Proposing the information technology needed by an enterprise to achieve its goals and then working within a budget to implement the plan

B.

Preserving high-level communications and working group relationships in an organization

C.

Establishing effective continuous monitoring program for the organization

D.

Facilitating the sharing of security risk-related information among authorizing officials

Buy Now
Questions 22

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed

Options:

A.

Level 4

B.

Level 5

C.

Level 1

D.

Level 2

E.

Level 3

Buy Now
Questions 23

Which of the following tasks prepares the technical management plan in planning the technical effort

Options:

A.

Task 10

B.

Task 9

C.

Task 7

D.

Task 8

Buy Now
Questions 24

Which of the following are the major tasks of risk management Each correct answer represents a complete solution. Choose two.

Options:

A.

Risk identification

B.

Building Risk free systems

C.

Assuring the integrity of organizational data

D.

Risk control

Buy Now
Questions 25

Which of the following DoD policies establishes policies and assigns responsibilities to achieve DoD IA through a defense-in-depth approach that integrates the capabilities of personnel, operations, and technology, and supports the evolution to network-centric warfare

Options:

A.

DoD 8500.2 Information Assurance Implementation

B.

DoD 8510.1-M DITSCAP

C.

DoDI 5200.40

D.

DoD 8500.1 Information Assurance (IA)

Buy Now
Questions 26

Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system

Options:

A.

Data security requirement

B.

Network connection rule

C.

Applicable instruction or directive

D.

Security concept of operation

Buy Now
Questions 27

You work as a systems engineer for BlueWell Inc. You are working on translating system requirements into detailed function criteria. Which of the following diagrams will help you to show all of the function requirements and their groupings in one diagram

Options:

A.

Activity diagram

B.

Functional flow block diagram (FFBD)

C.

Functional hierarchy diagram

D.

Timeline analysis diagram

Buy Now
Questions 28

Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations

Options:

A.

DARPA

B.

DTIC

C.

DISA

D.

DIAP

Buy Now
Questions 29

The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. What are the different types of NIACAP accreditation Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Type accreditation

B.

Site accreditation

C.

System accreditation

D.

Secure accreditation

Buy Now
Questions 30

Which of the following tasks describes the processes required to ensure that the project includes all the work required, and only the work required, to complete the project successfully

Options:

A.

Identify Roles and Responsibilities

B.

Develop Project Schedule

C.

Identify Resources and Availability

D.

Estimate project scope

Buy Now
Questions 31

Which of the following Security Control Assessment Tasks evaluates the operational, technical, and the management security controls of the information system using the techniques and measures selected or developed

Options:

A.

Security Control Assessment Task 3

B.

Security Control Assessment Task 1

C.

Security Control Assessment Task 4

D.

Security Control Assessment Task 2

Buy Now
Exam Code: CISSP-ISSEP
Exam Name: ISSEP Information Systems Security Engineering Professional
Last Update: Nov 27, 2023
Questions: 212
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 21 Nov 2024